33 matches found
PT-2026-53024
Name of the Vulnerable Software and Affected Versions regclient affected versions not specified Description Authentication credentials for a registry may be leaked to external servers. This occurs when a malicious registry server, a malicious blob store, or a registry that fails to restrict...
Astra Linux – Vulnerability in docker.io
In Docker versions before 9.03.15 and 20.10.3, there is a vulnerability in which pulling an intentionally malformed Docker image manifest causes the dockerd daemon to crash. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing...
RHCOS 4 : OpenShift Container Platform 4.4.3 cri-o (RHSA-2020:1937)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1937 advisory. - containers/image: Container images read entire image manifest into memory CVE-2020-1702 - proglottis/gpgme: Use-after-free in GPGM...
MiracleLinux 7 : buildah-1.11.6-11.el7 (AXSA:2020-066:02)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-066:02 advisory. buildah: Crafted input tar file may lead to local file overwrite during image build process CVE-2020-10696 containers/image: Container images read...
EUVD-2024-0271
Malicious code in bioql PyPI...
RHEL 7 : docker (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - docker: IPv6 router advertisements allow for MitM attacks CVE-2020-13401 - docker: cli leaks private...
Medium: docker
Issue Overview: A flaw was found in the userns-remap feature of Docker. The root user in the remapped namespace can modify files under /var/lib/docker/, leading to possible privilege escalation to the root user in the host. The highest threat from this vulnerability is to data integrity...
SUSE CVE-2021-21285
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing...
Medium: docker
Issue Overview: A flaw was found in the userns-remap feature of Docker. The root user in the remapped namespace can modify files under /var/lib/docker/, leading to possible privilege escalation to the root user in the host. The highest threat from this vulnerability is to data integrity...
Amazon Linux AMI : docker (ALAS-2021-1550)
The version of docker installed on the remote host is prior to 20.10.7-2.69. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1550 advisory. A flaw was found in the userns-remap feature of Docker. The root user in the remapped namespace can modify files under...
openSUSE: Security Advisory for containerd, (openSUSE-SU-2021:0878-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE-SU-2021:1954-1 Security update for containerd, docker, runc
This update for containerd, docker, runc fixes the following issues: Docker was updated to 20.10.6-ce bsc1184768, bsc1182947, bsc1181594 Switch version to use -ce suffix rather than ce to avoid confusing other tools bsc1182476. CVE-2021-21284: Fixed a potential privilege escalation when the root...
SUSE: Security Advisory (SUSE-SU-2021:0445-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
The vulnerability of the dockerd daemon, a deployment and application management automation tool in Docker-enabled environments, relates to a resource consumption control mechanism error. This vulnerability allows attackers to trigger service failures.
The vulnerability of the dockerd daemon, a tool for automating the deployment and management of applications in Docker containerized environments, is related to improper handling of the image manifest file. Exploiting this vulnerability allows an attacker to cause service interruptions...
Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork (important)
openSUSE Security Update: Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork Announcement ID: openSUSE-SU-2021:0278-1 Rating: important References: 1174075 1176708 1178801 1178969 1180243 1180401 1181730 1181732 Cross-References: CVE-2020-15257 CVE-2021-21284...
CVE-2021-21285
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing...
Code injection
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing...
CVE-2021-21285
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing...
UBUNTU-CVE-2021-21285
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing...
CVE-2021-21285
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing...